We monitor the dark web for you through continual scanning.
Quite simply, the search for and eradication of threats across your entire environment, including servers, network devices, endpoints and cloud services is simply no longer enough.
But what is the dark web, and what does it mean to you?
To illustrate this let’s consider how a couple of high-profile breaches have played out.
The dark web: LinkedIn and Ashley Madison breaches
When LinkedIn suffered a major security beach in 2012 its effects were still being felt four years later.
Security researchers in 2016 claimed that more than 117 million account details were still being sold on dark web data sharing websites.
And, of course, LinkedIn includes work email addresses and many people use the same password across different aps and sites. Which means that the compromised password data being traded will lead to wide-reaching security risks.
In July 2015, Ashley Madison, a Canadian online dating service aimed at married men and women seeking flings and affairs, was hacked.
It was threatened that its sensitive data would be released unless the site was shut down. The company ignored the warning.
A month later the first of many data dumps were released on the dark web – potentially including business email addresses and passwords used for work apps as well as personal. As the situation escalated internal data, including emails from its CEO and the website’s source code were made available.
By August, two Canadian law firms announced a joint $578 million class action lawsuit, citing Ashley Madison’s 39 million users whose private information had been exposed.
What is the dark web?
Google, and other search engines have now indexed more than 5 billion websites.
These sites, however, are just the tip of the iceberg: the majority of sites are part of a deeper web. Many of these are pages that are ‘gated’, such as those you access after logging into your social media, online bank account or subscription sites.
A small, but significant, part of the web that is not indexed is known as the dark web.
These are sites that use encryption to hide both their origins and the identities of their users. To access these, you need to use specialised software, such as Tor.
The dark web contains a wide range of sites whose creators and users simply want to remain anonymous. But, beyond legitimate uses for the dark web, it also serves as a haven for criminal activity.
Some of these sites sell stolen data, such as passwords, credit card information, social security numbers and other sensitive information. Most of the data that gets lost or stolen in data breaches will end for sale on dark web marketplaces where criminals can obtain it, usually for a fee.
What is a dark web scan?
A dark web scan is an extra layer of peace of mind for your business.
It is an ongoing service that checks dark websites to see if any of your information shows up. If an email address with your domain appears on the dark web, from a phishing email or any other source, we will immediately notify you, so you can act before hackers use the email address and password to get access to other applications or attempt to blackmail you.
The sooner you find out that your information is on the dark web, the faster you can act to protect your assets and network.
We advise you of security actions to take and further security places you can put in place.
With scanning in place, there is no longer any need to be afraid of the dark. Find out how we can help you, contact us on +44 (0) 20 7856 9450.
Keeping client data confidential using Managed Detection & Response from Falanx Cyber